SS
Uploaded byShankar Subramaniyan
PDF, PPTX4,777 views

Cloud Security Governance

This document discusses cloud security governance and related challenges. It begins by outlining key cloud security concerns like lack of visibility, loss of control, and multi-tenancy issues. Major risks are then examined, such as data leakage, account hijacking, and insecure cloud software. The document also explores the shared responsibility model between cloud service providers and consumers. It notes that many breaches are due to customer misconfiguration rather than provider vulnerabilities. Finally, challenges in implementing cloud security governance are mentioned, such as cloud discovery, gaps in contracts, and rapidly changing cloud services and architectures.

Embed presentation

Download as PDF, PPTX
Shankar Subramaniyan ISACA Greater Houston Chapter August 17,2017 Cloud Security Governance 1
• Why Cloud Security ? • Cloud Service Provider Security • Cloud Consumer Security • Major Challenges in implementation 2 Agenda
Cloud Security 3
KEY CONCERNS Attack Vector Lack of Visibility Loss of Control Physical Inaccessibility Cross Border Laws Multi Tenancy Data Privacy Regulatory Compliance
Top Security Risks 5 Compliance Risks Data Leakage/Loss Insecure Cloud Software Malicious use of Cloud services Account hijacking Malicious Insider Loss of Governance Lock-In Isolation Failure Management Interface Compromise Insecure or Incomplete Data Deletion Administrative or legal outages
6 Cloud Security Risks Unauthorized use/ Analytics Outage of Cloud services due to employee error Data Mix-up Hospital gown vulnerability Data Leakage Misconfigured cloud storage exposed to internet Cloud hosted malware 73% of Companies Have Critical Security Misconfigurations - Threat Stack 44 percent of malware in enterprise cloud apps delivered ransomware -Netskope
Cloud Types 7 Private, Community Public & Hybrid Clouds
Cloud Security Provider Security 8
Shared Responsibility Model 9 https://www.enisa.europa.eu/publications/cloud-computing-information-assurance-framework
Cloud Security Guidance 10https://cloudsecurityalliance.org/guidance/#_overview Contracts Management Plane New Audit Skill Software defined infrastructure Short lived virtual assets Image Protection DevOps Server less ArchitectureDirect storage access Open source CSPCustomer
Cloud GRC Stack 11 Delivering  Stack Pack  Description Continuous monitoring … with a purpose • Common technique and nomenclature to request and receive evidence and affirmation of current cloud service operating circumstances from cloud providers Claims, offers, and the basis for auditing service delivery • Common interface and namespace to automate the Audit, Assertion, Assessment, and Assurance (A6) of cloud environments Pre-audit checklists and questionnaires to inventory controls • Industry-accepted ways to document what security controls exist The recommended foundations for controls • Fundamental security principles in specifying the overall security needs of a cloud consumers and assessing the overall security risk of a cloud provider https://cloudsecurityalliance.org/research/grc-stack/#_overview
Cloud Consumer Security 12 Through 2020, 80% of cloud breaches will be due to customer misconfiguration, mismanaged credentials or insider theft, not cloud provider vulnerabilities -Gartner
Consumer Security Responsibilities 13 DDoS Protecti on ACLs Virtual Networ k Isolatio n NSGs VM Firewall • Security Configuration • Redundancy (ISP/CSP) • Access management • Source Control/Drifting • Network Segregation • Monitoring • Patch management (IAAS)
Additional Security Services -IAAS 14 CloudTrail AWS Config CloudWatch Alarms AWS Trusted Advisor AWS IAM AWS KMS • Log Monitoring and Alerts • Performance monitoring • Configuration management • Vulnerability scanning • Encryption • Identity and Access Management • End Point Security Module • Network Security- FW,IDS/IPS,WAF • Antimalware Azure Security center https://summitroute.com/blog/2017/05/30/free_tools_for_auditing_the_security_of_an_aws_account/ Netflix Security Monkey
Challenges in Implementation • Cloud Discovery • Gaps in contract • Challenges in Cloud Supply Chain • Rapidly changing services and architecture 15 https://www.skyhighnetworks.com/cloud-security-university/what-is-shadow-it/ Shadow IT Cloud Usage -Skyhigh
Thank You 2contactshankar@gmail.com 16

More Related Content

PPTX
MULTI-CLOUD ARCHITECTURE
byMaganathin Veeraragaloo
 
PDF
Azure governance v4.0
byMarcos Oikawa
 
PPTX
Azure Security Center- Zero to Hero
byKasun Rajapakse
 
PDF
Zero Trust Model Presentation
byGowdhaman Jothilingam
 
PDF
Azure security architecture
byKarl Ots
 
PPT
Cloud security
byTushar Kayande
 
PPTX
Cloud computing and data security
byMohammed Fazuluddin
 
PPTX
Azure Governance
byBenjamin Hüpeden
 
MULTI-CLOUD ARCHITECTURE
byMaganathin Veeraragaloo
 
Azure governance v4.0
byMarcos Oikawa
 
Azure Security Center- Zero to Hero
byKasun Rajapakse
 
Zero Trust Model Presentation
byGowdhaman Jothilingam
 
Azure security architecture
byKarl Ots
 
Cloud security
byTushar Kayande
 
Cloud computing and data security
byMohammed Fazuluddin
 
Azure Governance
byBenjamin Hüpeden
 

What's hot

PDF
Network Security Fundamentals
byRahmat Suhatman
 
PDF
Cloud Security: A New Perspective
byWen-Pai Lu
 
PPTX
Identity and Access Management Introduction
byAidy Tificate
 
PPTX
Data security in cloud computing
byPrince Chandu
 
PPT
Information Security
byDhilsath Fathima
 
PPT
cloud computing.ppt
byMunmunSaha7
 
PDF
Introduction to Microsoft Azure Cloud
byDinesh Kumar Wickramasinghe
 
PPTX
Characteristics of cloud computing
byGOVERNMENT COLLEGE OF ENGINEERING,TIRUNELVELI
 
PPT
Cloud deployment models
byAshok Kumar
 
PPTX
Azure Migration Program Pitch Deck
byNicholas Vossburg
 
PPTX
Zero Trust Model
byYash
 
PPTX
Cloud computing security issues and challenges
byDheeraj Negi
 
PDF
TechnicalTerraformLandingZones121120229238.pdf
byMIlton788007
 
PPTX
Zero trust Architecture
byAddWeb Solution Pvt. Ltd.
 
PDF
Enterprise Security Architecture
byKris Kimmerle
 
PDF
Cloud governance - theory and tools
byAntti Arnell
 
PDF
Evolution of Cloud Computing
byNephoScale
 
PPTX
Service level agreement in cloud computing an overview
byDr Neelesh Jain
 
PPTX
Azure role based access control (rbac)
bySrikanth Kappagantula
 
PPTX
Security Policies and Standards
byprimeteacher32
 
Network Security Fundamentals
byRahmat Suhatman
 
Cloud Security: A New Perspective
byWen-Pai Lu
 
Identity and Access Management Introduction
byAidy Tificate
 
Data security in cloud computing
byPrince Chandu
 
Information Security
byDhilsath Fathima
 
cloud computing.ppt
byMunmunSaha7
 
Introduction to Microsoft Azure Cloud
byDinesh Kumar Wickramasinghe
 
Characteristics of cloud computing
byGOVERNMENT COLLEGE OF ENGINEERING,TIRUNELVELI
 
Cloud deployment models
byAshok Kumar
 
Azure Migration Program Pitch Deck
byNicholas Vossburg
 
Zero Trust Model
byYash
 
Cloud computing security issues and challenges
byDheeraj Negi
 
TechnicalTerraformLandingZones121120229238.pdf
byMIlton788007
 
Zero trust Architecture
byAddWeb Solution Pvt. Ltd.
 
Enterprise Security Architecture
byKris Kimmerle
 
Cloud governance - theory and tools
byAntti Arnell
 
Evolution of Cloud Computing
byNephoScale
 
Service level agreement in cloud computing an overview
byDr Neelesh Jain
 
Azure role based access control (rbac)
bySrikanth Kappagantula
 
Security Policies and Standards
byprimeteacher32
 

Similar to Cloud Security Governance

PPTX
AWS Cloud Security
byAWS Riyadh User Group
 
PPTX
Cloud Security_ Unit 4
byIntegral university, India
 
PDF
Introduction to Cloud Computing-Cloud Security by Dr. K. Adisesha
byAdiseshaK
 
PDF
Lecture27 cc-security2
byAnkit Gupta
 
PDF
Cloud_security_v2_chpater_9_s_version.pdf
byalkabarala01
 
PPTX
Practical Security for the Cloud
byChirag Joshi, CISA, CISM, CRISC
 
PDF
AWS Cloud Security
byAmazon Web Services LATAM
 
PPTX
I am sharing 'Unit-2' with youuuuuu.PPTX
bypadhaipadhai639
 
PDF
Cloud Computing Security
byArunvignesh Venkatesh
 
PPTX
Cloud-Architecture-Technology-Deovps-Eng
byGanesh Bhosale
 
PPTX
CLOUD SECURITY 117 presentation diploma ppt
bypateljainil1607
 
PDF
How We Protect Our Business in the Cloud (The Smart Way)
byCyberShield IT
 
PPTX
Cloud Security Solutions - Cyber security.pptx
byjaswanthbale2
 
PDF
Cloud Security 101
bySanjeev Kumar Jaiswal
 
PDF
The 3 Recommendations for Cloud Security
byVAST
 
PPTX
ShareResponsibilityModel.pptx
byBabatundeAbioye2
 
PPTX
Transforming cloud security into an advantage
byMoshe Ferber
 
PDF
cloud1_aggy.pdf
byAkhileshKumar241470
 
PDF
Cloud Security - Emerging Facets and Frontiers
byGokul Alex
 
PDF
Architecting Data Services for the Cloud: Security Considerations and Best Pr...
byAdnene Guabtni
 
AWS Cloud Security
byAWS Riyadh User Group
 
Cloud Security_ Unit 4
byIntegral university, India
 
Introduction to Cloud Computing-Cloud Security by Dr. K. Adisesha
byAdiseshaK
 
Lecture27 cc-security2
byAnkit Gupta
 
Cloud_security_v2_chpater_9_s_version.pdf
byalkabarala01
 
Practical Security for the Cloud
byChirag Joshi, CISA, CISM, CRISC
 
AWS Cloud Security
byAmazon Web Services LATAM
 
I am sharing 'Unit-2' with youuuuuu.PPTX
bypadhaipadhai639
 
Cloud Computing Security
byArunvignesh Venkatesh
 
Cloud-Architecture-Technology-Deovps-Eng
byGanesh Bhosale
 
CLOUD SECURITY 117 presentation diploma ppt
bypateljainil1607
 
How We Protect Our Business in the Cloud (The Smart Way)
byCyberShield IT
 
Cloud Security Solutions - Cyber security.pptx
byjaswanthbale2
 
Cloud Security 101
bySanjeev Kumar Jaiswal
 
The 3 Recommendations for Cloud Security
byVAST
 
ShareResponsibilityModel.pptx
byBabatundeAbioye2
 
Transforming cloud security into an advantage
byMoshe Ferber
 
cloud1_aggy.pdf
byAkhileshKumar241470
 
Cloud Security - Emerging Facets and Frontiers
byGokul Alex
 
Architecting Data Services for the Cloud: Security Considerations and Best Pr...
byAdnene Guabtni
 

Recently uploaded

PDF
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
PDF
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
PDF
How Automation Powers Data Quality and Governance at Scale
bySafe Software
 
PDF
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
PPTX
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
PDF
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
PDF
Presentation of Cybersecurity and data protection
bytarikaityahya2
 
PPTX
Becoming Frontier for Dynamics 365 Finance PPT
byjonbravetti
 
PDF
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
PDF
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
PDF
Implementing A Data Lakehouse Using Iceberg & Spark
byAnass Nabil
 
PDF
Manual Grabadora laser ACMER S1 User Manual(English).pdf
byAadrianVar
 
PDF
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
PDF
5G Explained! A High Level Overview [Introduction]
byLuciano Motta
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
PDF
Are AI Hallucinations Getting Better or Worse? We Analyzed the Data.
byScott M. Graffius
 
PDF
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
PDF
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
PDF
Philippine Agricultural Engineering Standard_Hand Tractor .pdf
by6xfrnmdp4b
 
PPTX
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
How Automation Powers Data Quality and Governance at Scale
bySafe Software
 
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
Presentation of Cybersecurity and data protection
bytarikaityahya2
 
Becoming Frontier for Dynamics 365 Finance PPT
byjonbravetti
 
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
Implementing A Data Lakehouse Using Iceberg & Spark
byAnass Nabil
 
Manual Grabadora laser ACMER S1 User Manual(English).pdf
byAadrianVar
 
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
5G Explained! A High Level Overview [Introduction]
byLuciano Motta
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
Are AI Hallucinations Getting Better or Worse? We Analyzed the Data.
byScott M. Graffius
 
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
Philippine Agricultural Engineering Standard_Hand Tractor .pdf
by6xfrnmdp4b
 
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 

Cloud Security Governance

  • 1.
    Shankar Subramaniyan ISACA GreaterHouston Chapter August 17,2017 Cloud Security Governance 1
  • 2.
    • Why CloudSecurity ? • Cloud Service Provider Security • Cloud Consumer Security • Major Challenges in implementation 2 Agenda
  • 3.
  • 4.
    KEY CONCERNS Attack Vector Lackof Visibility Loss of Control Physical Inaccessibility Cross Border Laws Multi Tenancy Data Privacy Regulatory Compliance
  • 5.
    Top Security Risks 5 ComplianceRisks Data Leakage/Loss Insecure Cloud Software Malicious use of Cloud services Account hijacking Malicious Insider Loss of Governance Lock-In Isolation Failure Management Interface Compromise Insecure or Incomplete Data Deletion Administrative or legal outages
  • 6.
    6 Cloud Security Risks Unauthorized use/Analytics Outage of Cloud services due to employee error Data Mix-up Hospital gown vulnerability Data Leakage Misconfigured cloud storage exposed to internet Cloud hosted malware 73% of Companies Have Critical Security Misconfigurations - Threat Stack 44 percent of malware in enterprise cloud apps delivered ransomware -Netskope
  • 7.
  • 8.
  • 9.
  • 10.
    Cloud Security Guidance 10https://cloudsecurityalliance.org/guidance/#_overview Contracts Management Plane NewAudit Skill Software defined infrastructure Short lived virtual assets Image Protection DevOps Server less ArchitectureDirect storage access Open source CSPCustomer
  • 11.
    Cloud GRC Stack 11 Delivering Stack Pack  Description Continuous monitoring … with a purpose • Common technique and nomenclature to request and receive evidence and affirmation of current cloud service operating circumstances from cloud providers Claims, offers, and the basis for auditing service delivery • Common interface and namespace to automate the Audit, Assertion, Assessment, and Assurance (A6) of cloud environments Pre-audit checklists and questionnaires to inventory controls • Industry-accepted ways to document what security controls exist The recommended foundations for controls • Fundamental security principles in specifying the overall security needs of a cloud consumers and assessing the overall security risk of a cloud provider https://cloudsecurityalliance.org/research/grc-stack/#_overview
  • 12.
    Cloud Consumer Security 12 Through2020, 80% of cloud breaches will be due to customer misconfiguration, mismanaged credentials or insider theft, not cloud provider vulnerabilities -Gartner
  • 13.
    Consumer Security Responsibilities 13 DDoS Protecti on ACLs Virtual Networ k Isolatio n NSGs VM Firewall •Security Configuration • Redundancy (ISP/CSP) • Access management • Source Control/Drifting • Network Segregation • Monitoring • Patch management (IAAS)
  • 14.
    Additional Security Services-IAAS 14 CloudTrail AWS Config CloudWatch Alarms AWS Trusted Advisor AWS IAM AWS KMS • Log Monitoring and Alerts • Performance monitoring • Configuration management • Vulnerability scanning • Encryption • Identity and Access Management • End Point Security Module • Network Security- FW,IDS/IPS,WAF • Antimalware Azure Security center https://summitroute.com/blog/2017/05/30/free_tools_for_auditing_the_security_of_an_aws_account/ Netflix Security Monkey
  • 15.
    Challenges in Implementation •Cloud Discovery • Gaps in contract • Challenges in Cloud Supply Chain • Rapidly changing services and architecture 15 https://www.skyhighnetworks.com/cloud-security-university/what-is-shadow-it/ Shadow IT Cloud Usage -Skyhigh
  • 16.